[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 236
  • Last Modified:

php login script not working

Writing a logon form which authenicates a password from a form against what is in oracle. If I enter an incorrect password it still echo user authenicated. Here is the code:

<?php
  $username = $_POST["username"];
  $password = $_POST["password"];

$conn = OCILogon("user","password", "instance");
$query = "select password from users where username = :emp ";
$stmt = OCIParse($conn, $query);
OCIBindByName($stmt, ':emp', $username);
OCIExecute($stmt);
OCIFetch($stmt);
$pwfromora = OCIResult($stmt, "PASSWORD");
echo "password from form ";
echo $password;
echo "<br>password from oracle ";
echo $pwfromora;
if ($password = $pwfromora) {
echo "<br>user authenicated";
} else {
echo "<br>user NOT authenicated";
}
?>
0
freqout
Asked:
freqout
1 Solution
 
nizsmoDeveloperCommented:
<?php
  $username = $_POST["username"];
  $password = $_POST["password"];

$conn = OCILogon("user","password", "instance");
$query = "select password from users where username = :emp ";
$stmt = OCIParse($conn, $query);
OCIBindByName($stmt, ':emp', $username);
OCIExecute($stmt);
OCIFetch($stmt);
$pwfromora = OCIResult($stmt, "PASSWORD");
echo "password from form ";
echo $password;
echo "<br>password from oracle ";
echo $pwfromora;
if ($password == $pwfromora) {
echo "<br>user authenicated";
} else {
echo "<br>user NOT authenicated";
}
?>


The script should now work, provided your query is correct.
You just missed out a "=" for the if statement.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now